Penetration Testing

NOVEMBER 5, 2024

LastPass, a leading password management platform, has issued a critical warning to users about a social engineering campaign targeting its customer base through deceptive reviews on its Chrome Web Store... The post Warning: LastPass Alerts Users to Phishing Scam Using Fake Support Reviews on Chrome Web Store appeared first on Cybersecurity (..)

Scams

Krebs on Security

DECEMBER 18, 2024

More importantly, Tony recognized the voice of “Daniel from Google” when it was featured in an interview by Junseth , a podcaster who covers cryptocurrency scams. “No one gets arrested,” Daniel enthused to Junseth in the May 7 podcast, which quickly went viral on social media.

Cryptocurrency

Krebs on Security

JANUARY 7, 2025

Before we get to the Apple scam in detail, we need to revisit Tony’s case. Each participant in the call has a specific role, including: -The Caller: The person speaking and trying to social engineer the target. The Owner: The phishing panel owner, who will frequently listen in on and participate in scam calls.

Phishing

Krebs on Security

DECEMBER 29, 2024

In January, KrebsOnSecurity told the story of a Canadian man who was falsely charged with larceny and lost his job after becoming the victim of a complex e-commerce scam known as triangulation fraud. In this scam, you receive what you ordered, and the only party left to dispute the transaction is the owner of the stolen payment card.

Scams

Malwarebytes

AUGUST 7, 2025

The attacks underscore the vulnerability that all businesses face—large or small—in preventing cyberattacks that begin through basic social engineering scams. How to stay safe from the Salesforce scam Because this attack is so targeted—every corporate victim uses Salesforce—the defense strategies are clear and actionable.

Scams

Schneier on Security

MAY 30, 2025

The three-part suspicion, cognition, and automaticity model (SCAM) is one way to think about this. Current phishing attacks have evolved from those older Nigerian scams filled with grammar mistakes and typos. Text message, voice, or video scams are even harder to detect. The second is habits: people doing what they always do.

Cybersecurity

Security Affairs

FEBRUARY 3, 2025

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Security experts identified six Crazy Evil’s subteams, called AVLAND, TYPED, DELAND, ZOOMLAND, DEFI, and KEVLAND, which are running targeted scams for specific victim profiles.

Scams

Malwarebytes

JULY 3, 2025

Microsoft, DocuSign, Adobe, McAfee, NortonLifeLock, PayPal, and Best Buy’s Geek Squad are being impersonated online through malicious emails that contain fake telephone support numbers and dangerous QR codes that can ensnare victims into phishing scams. The email includes a QR code. QR codes can easily hide malicious links.

Scams

Security Affairs

JULY 1, 2025

Europol busted a crypto scam ring that laundered €460M from 5,000+ victims. Europol has taken down a massive cryptocurrency fraud ring that scammed over 5,000 people worldwide, laundering around €460 million ($540 million). Operation Borrelli involved Spain, the U.S., France, and Estonia.

Scams

Malwarebytes

MARCH 19, 2025

.” Whether it’s a so-called “subsidy program,” a “government grant,” or a “relief card,” these scams all share the same underlying goalto manipulate people into giving away their personal information, orworsetheir hard-earned cash. ” Urgency and exclusivity are classic scam tactics.

Scams

Google Security

MARCH 4, 2025

Product Manager Google Messages and RCS Spam and Abuse Google has been at the forefront of protecting users from the ever-growing threat of scams and fraud with cutting-edge technologies and security expertise for years. Were now introducing Scam Detection to detect a wider range of fraudulent activities.

Scams

Security Boulevard

MARCH 31, 2025

Gen Z, or individuals born between 1997 and 2012, have certain types of lifestyles, upbringings and character traits that make them ideal for social engineering exploitation. The post Gen Zs Rising Susceptibility to Social Engineering Attacks appeared first on Security Boulevard.

Social Engineering

Security Boulevard

MARCH 24, 2025

Deception is a core component of many cyberattacks, including phishing, scams, social engineering and disinformation campaigns. The post Intro to Deceptionology: Why Falling for Scams is Human Nature appeared first on Security Boulevard.

Scams

Malwarebytes

JUNE 23, 2025

The hackers pulled this off by posing as US Department of State officials in advanced social engineering attacks, building a rapport with the target and then persuading them into creating app-specific passwords (app passwords). Use security software that can block malicious domains and recognize scams.

Authentication

Security Boulevard

JANUARY 27, 2025

The post Hackers Use Malicious PDFs, pose as USPS in Mobile Phishing Scam appeared first on Security Boulevard. Postal Service, in phishing campaign targeting mobile device users in hope that victims will divulge credentials and personal information, Zimperium researchers say.

Mobile

SecureWorld News

FEBRUARY 14, 2025

Be wary of romance scams "People can be vulnerable on February 14th," said Dave Machin , Partner at The Berkeley Partnership. "If Protect your personal information Valentine's Day scammers take advantage of social engineering and people letting their guard down around February 14th.

Scams

Security Boulevard

DECEMBER 10, 2024

The post Scam Kit Maker Rebuilding Business After Telegram Channel Shut Down appeared first on Security Boulevard.

Scams

SecureWorld News

MARCH 18, 2025

In recent months, a sophisticated scam has emerged, targeting drivers across the United States with fraudulent text messages about unpaid road tolls. Smishing scams like these follow a predictable yet highly effective, nefarious behavioral blueprintleveraging urgency, impersonation, and fear to manipulate victims into compliance.

Scams

Krebs on Security

NOVEMBER 21, 2024

The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page. Some SMS phishing messages told employees their VPN credentials were expiring and needed to be changed; other phishing messages advised employees about changes to their upcoming work schedule. .”

Identity Theft

Security Boulevard

APRIL 23, 2025

Bacon Redux: Pig butchering and other serious scams still thriving, despite crackdowns in Dubai and Myanmar The post Asian Scam Farms: Industrial Scale, Warns UN Report appeared first on Security Boulevard.

Scams

SecureWorld News

AUGUST 7, 2025

The recent wave of attacks, attributed to the financially motivated threat group ShinyHunters (also tracked by Google as UNC6040), serves as a powerful case study in the effectiveness of sophisticated social engineering. Once inside, they grab valuable customer data and try to make money off it through scams or threats.

Social Engineering

Malwarebytes

JUNE 9, 2025

Unfortunately, people getting scammed online is a frequent event. Scammers are getting better at social engineering and are using Artificial Intelligence (AI) to sound more authentic and eliminate any spelling errors. It really can happen to anyone, so there’s no need to feel embarrassed if you have been scammed.

Scams

Security Affairs

JANUARY 21, 2025

The Computer Emergency Response Team of Ukraine (CERT-UA) warned of cyber scams involving threat actors impersonating the agency by sending fraudulent AnyDesk connection requests under the guise of security audits. CERT-UA warned of scammers impersonating the agency, using fake AnyDesk requests to conduct fraudulent security audits.

Social Engineering

Malwarebytes

JUNE 10, 2025

According to new research conducted by Malwarebytes, 44% of people encounter a mobile scam every single day, while 78% encounter scams at least weekly. As Malwarebytes learned, 25% of scam victims were harassed or blackmailed, 19% had private info exposed, and 15% permanently lost their money. You can read the full report below.

Scams

SecureWorld News

MARCH 20, 2025

March Madness is here, and while fans are busy filling out brackets and making last-minute bets, cybercriminals are running their own full-court presstargeting unsuspecting fans with phishing scams, fake betting apps, and credential-harvesting schemes.

Scams

Security Affairs

NOVEMBER 30, 2024

SpyLoan apps exploit social engineering to gain sensitive user data and excessive permissions, leading to extortion, harassment, and financial loss. Similar scams were reported globally. McAfee researchers discovered 15 SpyLoan Android apps on Google Play with a combined total of over 8 million installs.

Social Engineering

SecureWorld News

APRIL 28, 2025

The phishing game has evolved into synthetic sabotage a hybrid form of social engineering powered by AI that can personalize, localize, and scale attacks with unnerving precision. At the heart of many of these kits are large language models (LLMs) trained or fine-tuned specifically for social engineering tasks.

Phishing

SecureWorld News

JULY 17, 2025

Introduction: A high-tech twist on age-old scams Impersonation fraud is not new, but the scale and believability of recent AI-driven schemes pose an unprecedented threat to financial organizations. In 2025, U.S. Figure 1: Projected U.S. What used to require Hollywood-level resources can now be done with off-the-shelf AI tools.

Banking

Security Boulevard

APRIL 25, 2025

The North Korean hackers behind the Contagious Interview worker scam, which threat intelligence analysts have followed since late 2023, are now hiding behind three bogus crypto companies they created as fronts for their info- and crypto-stealing operations.

Scams

Webroot

MARCH 3, 2025

This month, take advantage of all that NCPW offers, including access to free tools and information that can help you identify and prevent online scams, fraud, and identity theft. Millions of customers were put at risk when their social security numbers, phone numbers, and other sensitive personal information were leaked.

Consumer Protection

SecureList

DECEMBER 17, 2024

Both scams targeted individual users only. We reported the scam accounts and channels to Telegram, but the messaging service had done nothing to block them at the time of writing this. The phishing link sent by the manager We have to give it to the operators: the scam was quite convincing.

Scams

Penetration Testing

JULY 22, 2025

Proofpoint reveals a surge in RFQ scams where fraudsters impersonate procurement officials to steal high-value goods by exploiting Net 15/30/45 financing terms.

Scams

Security Affairs

MAY 17, 2025

“Contact information acquired through social engineering schemes could also be used to impersonate contacts to elicit information or funds.” ” reads the alert issued by the FBI.

Government

Security Affairs

NOVEMBER 21, 2024

Scattered Spider members are part of a broader cybercriminal community called “The Com,” where hackers brag about high-profile cyber thefts, typically initiated through social engineering tactics like phone, email, or SMS scams to gain access to corporate networks.

Cybercrime

eSecurity Planet

APRIL 21, 2025

If the link in the phishing email is opened outside the expected time zone or by automated tools, it redirects users to the real foreign ministry website, making the scam even harder to detect. The post Russian Hackers Target European Diplomats with Wine-Tasting Phishing Scams appeared first on eSecurity Planet.

Scams

Malwarebytes

JANUARY 13, 2025

A smishing (SMS phishing) campaign is targeting iMessage users, attempting to socially engineer them into bypassing Apple’s built in phishing protection. How to avoid smishing scams Never reply to suspicious messages, even if its only a Y or 1.

Phishing

eSecurity Planet

JULY 14, 2025

Scattered Spider is known for using clever social engineering to trick IT help desks into bypassing security protocols, especially multi-factor authentication (MFA). She stressed that even if a breach didn’t directly impact you, your information could still be used in phishing scams or identity theft.

Insurance